CVE-2005-2191 in Comersus Cartinfo

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Comersus shopping cart allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter to comersus_backoffice_listAssignedPricesToCustomer.asp or (2) message parameter to comersus_backoffice_message.asp.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

07/10/2005

Disclosure

07/11/2005

CPE

ready

Exploit

Download

CVSS

4.3

EPSS

0.00409

Activities

Very Low

Sources

MITREhttps://www.cve.org/CVERecord?id=CVE-2005-2191
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2005-2191
CVE Detailshttps://www.cvedetails.com/cve/CVE-2005-2191/

PreviousOverviewNext